Computer Forensics MCQ Quiz

Reviewed by Godwin Iheuwa

Godwin Iheuwa, MS (Computer Science) |

Database Administrator

Review Board Member

Godwin Iheuwa, a Database Administrator at MTN Nigeria, holds an MS in Computer Science, specializing in Agile Methodologies and Database Administration from the University of Bedfordshire and a Bachelor's in Computer Science from the University of Port Harcourt. His proficiency in SQL Server Integration Services (SSIS) and SQL Server Management Studio contributes to his expertise in database management.

, MS (Computer Science)

By Ttemple

Ttemple

Community Contributor

Quizzes Created: 1 | Total Attempts: 16,748

| Attempts: 16,766

Quiz Flashcard

Questions

Feedback

During the Quiz End of Quiz

Difficulty

Sequential Easy First Hard First

Share on Facebook Share on Twitter Share on Whatsapp Share on Pinterest Share on Email Copy to Clipboard Embed on your website

1/15 Questions

There are three c's in computer forensics. Which is one of the three?
- Control
- Chance
- Chains
- Core

About This Quiz

Have you studied what computer forensics is? To check your knowledge on this topic, you can take this computer forensics MCQ quiz. This quiz will not only test your understanding but also enhance your knowledge of finding evidence from the computer storage media. The scores will reveal how well you have understood computer forensics. For a perfect score, you have See moreto choose all the correct answers. If you like the quiz questions and answers and are satisfied with the result, share it with your friends and other people related to computer forensics.

2.

The investigator-in-charge is supposed to Identify and _____________ e-evidence.

Explanation
The investigator-in-charge is responsible for identifying and collecting electronic evidence. This involves locating and gathering digital information that may be relevant to the investigation. By collecting electronic evidence, the investigator can analyze and use it to support their findings and conclusions. It is an essential step in the investigative process to ensure that all relevant information is obtained and properly documented.

Rate this question:

6
3.

You are supposed to maintain three types of records. Which answer is not a record?
- Chain of custody.
- Documentation of the crime scene.
- Searching the crime scene.
- Document your actions.
Correct Answer

A. Searching the crime scene.

Explanation

The answer "Searching the crime scene" is not a record because it refers to an action or task rather than a documented record. The other options, such as "Chain of custody," "Documentation of the crime scene," and "Document your actions," all involve creating and maintaining written or recorded records of various aspects related to the crime scene or investigation.

Rate this question:

5
4.

Computer forensics is a branch of digital forensic science.
- True
- False
Correct Answer

A. True

Explanation

Computer forensics is indeed a branch of digital forensic science. Digital forensic science involves the collection, analysis, and preservation of digital evidence for legal purposes. Computer forensics specifically focuses on investigating and analyzing digital devices, such as computers, laptops, and mobile phones, to uncover evidence of cybercrime or other digital offenses. It involves techniques and tools to recover deleted or hidden data, trace network activities, and analyze digital artifacts. Therefore, the statement "Computer forensics is a branch of digital forensic science" is true.

Rate this question:
5.

Physical Forensics Discipline includes which of the following?
- Bloodstain
- Eating
- Searching
- Watching
Correct Answer

A. Bloodstain

Explanation

Physical Forensics Discipline includes the analysis and interpretation of bloodstain patterns at crime scenes. This involves examining the size, shape, and distribution of bloodstains to determine the type of injury, the position of the victim and perpetrator, and the sequence of events. By studying bloodstains, forensic experts can reconstruct the crime scene and provide crucial evidence in criminal investigations.

Rate this question:

3
6.

This is the ______________ life cycle in computer forensics.

Correct Answer
investigation
investigating

Explanation
The correct answer is "investigation, investigating." In computer forensics, investigation is a crucial step in the life cycle. It involves gathering evidence, analyzing data, and identifying potential suspects. Investigating is the continuous process of examining and evaluating the collected evidence to uncover the truth and build a case. Both investigation and investigating are essential components of the computer forensics life cycle, as they help in identifying and resolving any digital crimes or security breaches.

Rate this question:
7.

Which is not a step in the scientific method?
- Raise a question.
- Test the hypotheses.
- Wait to test.
- Draw a conclusion.
Correct Answer

A. Wait to test.

Explanation

The scientific method involves a series of systematic steps to investigate and understand phenomena. The steps typically include raising a question, formulating hypotheses, testing the hypotheses through experiments or observations, and drawing conclusions based on the results. Waiting to test is not a step in the scientific method because it implies a lack of action or experimentation, which is essential for gathering data and verifying hypotheses.

Rate this question:

4
8.

Which of the equipment don't you have to get ready for recording video?
- Use date/time.
- Carry extra batteries.
- Bring paper and an extra pencil.
- Carry extra memory.
Correct Answer

A. Bring paper and an extra pencil.

Explanation

The correct answer is "Bring paper and an extra pencil." This is because paper and a pencil are not necessary equipment for recording video. The other options, such as using date/time, carrying extra batteries, and carrying extra memory, are all essential for preparing to record video.

Rate this question:

0
9.

Which do you document on audio?
- Write down information.
- Zoom in on evidence.
- Close-up images.
- Your arrival time.
Correct Answer

A. Your arrival time.

Explanation

The correct answer is "Your arrival time." This is because documenting something on audio means recording or capturing it in audio format. Your arrival time can be easily documented by verbally stating it and recording it using an audio device. Writing down information, zooming in on evidence, and capturing close-up images are all visual methods of documentation, not audio.

Rate this question:
10.

Which word best fits with this definition - officials set up a perimeter around a crime scene?
- Civilian
- Math
- Law Enforcement
- Police officer
Correct Answer

A. Law Enforcement

Explanation

Law enforcement is the best word that fits with the given definition of officials setting up a perimeter around a crime scene. Law enforcement refers to the organizations and individuals responsible for maintaining law and order, investigating crimes, and ensuring public safety. Setting up a perimeter is a common practice in crime scene management, where law enforcement officials establish a boundary around the area to preserve evidence, control access, and prevent contamination. This term specifically relates to the activities and responsibilities of law enforcement agencies and personnel in handling criminal incidents.

Rate this question:

3
11.

Which tool is needed for a computer forensics job?
- Toothbrush
- Latex gloves
- Backup computer
- Sunlight
Correct Answer

A. Backup computer

Explanation

A backup computer is essential in computer forensics for various purposes, including analyzing data without affecting the original system, testing forensic tools and techniques, and ensuring continuity of work in case of hardware or software failures. Having a backup computer allows forensic analysts to securely store and process digital evidence while minimizing the risk of data loss or corruption.

Rate this question:

1
12.

What do you do to a computer that is turned off?
- Turn it on.
- Leave it off.
- Start typing.
- Flip the switch.
Correct Answer

A. Leave it off.

Explanation

The correct answer is "Leave it off" because when a computer is turned off, it means that it is not currently in use and should be left in that state. Turning it on or starting to type on it would imply that you want to use it, which contradicts the fact that it is turned off. Flipping the switch could also turn it on, so it is not the correct action to take when the computer is turned off.

Rate this question:

4
13.

What should you do if the computer is turned on?
- Shut it down.
- Unplug it.
- Start typing.
- Log the user off.
Correct Answer

A. Log the user off.

Explanation

The answer depends on the context. If you’re a computer forensics investigator and you’ve just arrived at a scene, the best practice is to: D. Log the user off.
This is because shutting down or unplugging the computer might result in the loss of volatile data. However, if you’re not an investigator and you’ve found a computer that’s been left on, the most respectful thing to do would be to leave it as it is.

Rate this question:

1
14.

What happens when first securing the area?
- Start looking for evidence.
- Make sure that the crime scene is safe.
- Gather evidence.
- Make sure the computer is on.
Correct Answer

A. Make sure that the crime scene is safe.

Explanation

When first securing the area, the main priority is to ensure the safety of the crime scene. This involves taking necessary precautions to prevent contamination or tampering of evidence. By securing the area and making sure it is safe, investigators can then proceed to gather evidence without the risk of compromising its integrity. The other options, such as looking for evidence or making sure the computer is on, may be important steps in the investigation process, but they are secondary to ensuring the safety and integrity of the crime scene.

Rate this question:

1
15.

The most important thing to keep track of is the ______.

Correct Answer
date
time

Explanation
The most important thing to keep track of is the date and time. This is crucial for various reasons such as scheduling appointments, meeting deadlines, organizing events, and maintaining a chronological record of activities. Having accurate and up-to-date information about the date and time ensures effective planning and coordination, enabling individuals and organizations to stay organized and meet their commitments efficiently.

Rate this question:

1

Godwin Iheuwa |MS (Computer Science) |

Database Administrator

Quiz Review Timeline (Updated): Mar 14, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 14, 2024

Quiz Edited by
ProProfs Editorial Team

Expert Reviewed by
Godwin Iheuwa
Feb 13, 2013

Quiz Created by
Ttemple

Computer Forensics MCQ Quiz

There are three c's in computer forensics. Which is one of the three?

Quiz Preview

The investigator-in-charge is supposed to Identify and _____________ e-evidence.

You are supposed to maintain three types of records. Which answer is not a record?

Computer forensics is a branch of digital forensic science.

Physical Forensics Discipline includes which of the following?

This is the ______________ life cycle in computer forensics.

Which is not a step in the scientific method?

Which of the equipment don't you have to get ready for recording video?

Which do you document on audio?

Which word best fits with this definition - officials set up a perimeter around a crime scene?

Which tool is needed for a computer forensics job?

What do you do to a computer that is turned off?

What should you do if the computer is turned on?

What happens when first securing the area?

The most important thing to keep track of is the ______.